The Canada Revenue Agency blocked public access to its online services for several days last week until it addressed the security risk, but said Monday there was nonetheless a data breach over a six-hour period.

It said it is analyzing other fragments of data that have been removed from its systems, while putting measures in place to protect those affected by the breach.

“I share the concern and dismay of those individuals whose privacy has been impacted by this malicious act,” CRA commissioner Andrew Treusch said in a statement.

“CRA online services are safe and secure. The CRA responded aggressively to successfully protect our systems. We have augmented our monitoring and surveillance measures, so that the security of the CRA site continues to meet the highest standards.”

Everyone affected will receive a registered letter. Treusch said the agency will not be notifying individuals over the phone or by email as it wants to ensure communications “are secure and cannot be exploited by fraudsters through phishing schemes.”

Special 1-800 # has been activated for those who receive registered letter from CRA. http://t.co/Lsz3u6OdHS 4/5